Consumers of internet pornography may have reason to be a little worried with the publication of a new study uncovering a surge of malware in the illicit content.

Researchers at the Russian cybersecurity firm, Kaspersky Lab, discovered that cybercriminals have been increasingly targeting viewers of pornography. In 2017, Kaspersky’s team found at least 27 different types of malware on porn sites. And as consumers are turning to their phones for pornography, hackers have followed — researchers found that at least 1.2 million mobile users encountered malware. While some of the malware is relatively benign, many of the programs are aimed at getting users’ credit card or banking information.

One of the more common scams that hackers run is a “phishing” scheme. When consumers click on a link that they believe will lead them to some sex-filled content, they encounter a pop-up screen instead. Ironically, the screen might warn the user that they’ve been hacked and give them a phone number to call to remove the malware. This number usually connects them to a hacker who attempts to pry credit card information out of them. Kaspersky labels this sort of scam as “scareware.” Hackers might also push pop-up windows to users’ screens, urging them to download the latest video player. Of course, the victims are getting malware instead of higher-quality nudity. Other scareware might show a message claiming to be from the FBI and ordering the user to pay a fine for illegal files found on their device.

Kaspersky notes that most of the malware they uncovered was hidden on oddball sites with names like “pornopriz.loan” and “pornohd24.com.”Sometimes hackers even built these sites in order to target users. But some major outlets like Pornhub also hosted nefarious software. In 2017, hackers ran rampant on Pornhub, and targeted millions of users. The attacks were centered around “malvertising” — ads that appear on Pornhub’s margins and promise better content but lead to a link that allows cybercriminals to gain access to users’ computers. After the cybercriminals’ lengthy campaign was uncovered, Pornhub vice president Corey Price said “Pornhub’s commitment to providing their viewers with an optimal online experience has made security a top priority, allowing us to respond quickly to cybercrime and safeguard our customers.”

While looking at malware in mobile devices, the researchers focused on Android content and found that hackers were getting creative when targeting mobile users. They uncovered 23 different “families” of malware and estimated that over 25 percent of the hacking software encounters by Android users came on adult sites. “Trojan” programs, which linger on a device and collect data, were also surprisingly popular on the Android platform. Kaspersky’s team found that some of the more advanced Trojans were able to retrieve contacts, call history and coordinates. The most powerful Trojans are able to get into “god mode,” meaning that the hackers can access any file they want on the device and even install apps and programs.

Trojans are complicated beasts and there are a lot of different types of them, but this video offers a basic explanation of a “clicker” Trojan — though the video explains the hackers’ methods through an email rather than a porn site.

Kaspersky’s researchers didn’t initially set out to study malware on porn sites, instead they were scanning through marketplaces on the dark web to see what cybercriminals were peddling. While there, they found listings for paid accounts on porn sites, meaning that hackers had gained access to victims’ computers and phones and were able to hack their credentials before selling them online.